A severe WordPress vulnerability which has been left a year without being patched has the potential to disrupt countless websites running the CMS, researchers claim. At the BSides technical cybersecurity conference in Manchester on Thursday, Secarma researcher Sam Thomas said the bug permits attackers to exploit the WordPress PHP framework, resulting in a full system compromise. [1]